Friday, May 19, 2006

Dimitry Ivanovich Golubov doesn't look like an arch criminal. A baby-faced 22-year-old Ukrainian, he is described by his lawyer as an unassuming part-time student at MechnikovUniversity in Odessa.

But when the Ukrainian police arrested him last July for his involvement in credit-card fraud, U.S. law enforcement officials hailed it as a big break in their fight against cybercrime. Subsequently, in January, 2006, the U.S. Attorney's office for the Central District of California charged Golubov with a number of cybercrimes, including credit-card fraud. An affidavit by a special agent with the Federal Bureau of Investigation states that Golubov held the title of "Godfather" for "an international ring of computer hackers and Internet fraudsters that has...trafficked in millions of stolen credit card numbers and financial information." U.S. Postal Inspection Service senior investigator Gregory S. Crabb, who worked with Ukrainian authorities on their case, says Golubov and others controlled the numbers, names, and security codes attached to credit cards. Low-level criminals would use that to load up fake cards and withdraw cash from automated teller machines or buy merchandise. "Golubov was known as the go-to guy," says Crabb.

But last December, Golubov's story took a bizarre twist. Two Ukrainian politicians, including Vladimir Demekhin, deputy chairman of the Energy Committee of the Ukrainian Parliament, vouched for Golubov's character in court. The judge hearing the case released Golubov on a personal recognizance bond from the two officials. (Demekhin did not respond to e-mails and phone calls.) U.S. officials say they are worried that Golubov may leave the country, and a date for his trial hasn't been set. "Chat from the carding community" indicates Golubov may be back in business, says Crabb. Golubov's lawyer, Petro Boiko, claims he isn't hiding and the charges are groundless: "There has been a legend made of Golubov, of a big hacker. There is no evidence linking him to this case. He knows how to use a computer, but he is not a hacker by any means."

At least authorities had their hands on Golubov, however briefly. Usually, the people they suspect of conducting computer crime leave behind only traces of their existence: a quirky online nickname, a few postings on illicit Web sites, and a trail of financial mayhem. But BusinessWeek, working with information and photos supplied by officials at the U.S. Postal Inspection Service, as well as state law enforcement agencies and private Internet security experts, compiled descriptions of some of the most sought-after targets in cybercrime investigations. Shown the list, the United States Secret Service said it is investigating some of those on it as well, but declined to comment further. The FBI also declined to comment.

The picture that emerges is of organized gangs of young, mostly Eastern European hackers who are growing ever more brazen about doing business on the Web. They meet in underground forums with names like DarkMarket.org and theftservices.com to trade tips and data and coordinate scams that span the globe. (Those and other Web sites and organizations named by investigators did not respond to e-mails, instant messages, or phone calls seeking comment.) "Financial payment fraud has evolved tremendously," says John Corbelletta, a former police officer who is director of fraud control for Visa U.S.A. Inc. "Most of the cases I investigated when I was a cop involved people who had their cards stolen out of their purse. We didn't even think of counterfeiting cards."

Today, cyberscams are the fastest-growing criminal niche. Scores of banks and e-commerce giants, from JPMorgan Chase & Co. (JPM ) to walmart.com (WMT ), have been hit, sometimes repeatedly, by hackers and online fraud schemes. The 2005 FBI Computer Crime Survey estimated annual losses to all types of computer crime -- including attacks of viruses and other "malware," financial fraud, and network intrusions -- at $67 billion a year. Of the 2,066 companies responding to the survey, 87% reported a security incident. The U.S. Federal Trade Commission, which says identity theft is its top complaint, on May 10 created an Identity Theft Task Force following an executive order signed by President George W. Bush.

To track cybercrime, law enforcement officers work with companies such as eBay Inc. (EBAY ) or Microsoft Corp. (MSFT ) as well as with authorities around the globe. EBay has 60 people combating fraud, while Microsoft's Internet Safety Enforcement team has 65 operatives, including former law enforcement agents and federal prosecutors. To document the extent of the activity, BusinessWeek reporters also scoured underground Web sites where stolen data is swapped like so many baseball cards on eBay. Consider this e-mail promoting the launch of an online trading bazaar, vendorsname.ws, last year:

"During the battle with US Secret Service, we !@#&! all those [law enforcement] bastards and now are running a brand new, improved and the biggest carder' forum you ever seen." The message brags about its array of stolen goods: U.S. and European credit-card data, "active and wealthy" PayPal (EBAY ) accounts, and Social Security numbers. Those who "register today" get a "bonus" choice of "one Citybank account with online access with 3K on board" or "25 credit cards with PINs for online carding."

What follows is a look at four individuals, besides Golubov, who are identified by multiple law enforcement authorities as high-priority targets in their investigations. It's no coincidence that all are Russian. Strong technical universities, comparatively low incomes, and an unstable legal system make the former Soviet Union an ideal breeding ground for cyberscams. Also, tense political relations sometimes complicate efforts to obtain cooperation with local law enforcement. "The low standard of living and high savviness is a bad combination," says Robert C. Chesnut, a former U.S. federal prosecutor who is a senior vice-president directing antifraud efforts at eBay.